﻿using System;
using System.Data;
using System.Data.SqlClient;
using System.Collections.Generic;
using System.Web.SessionState;
using System.Web.Security;
using System.Web;

namespace AIC_CS.BBL
{
    public class CheckLogin
    {
        public DataTable CheckLoginUser(string username, string password)
        {
            List<SqlParameter> lstParameter = new List<SqlParameter>();
            password = FormsAuthentication.HashPasswordForStoringInConfigFile(password, "MD5");
            lstParameter.Add(SqlHelper.CreateParameterObject("@username", SqlDbType.NVarChar, ParameterDirection.Input, username));
            lstParameter.Add(SqlHelper.CreateParameterObject("@password", SqlDbType.NVarChar, ParameterDirection.Input, password));
            DataTable dt = SqlHelper.ExecuteDataTable(CommandType.Text, "SELECT * FROM dbo.tblUser WHERE Username = @username AND Password = @password", lstParameter);
            if (dt.Rows.Count > 0)
            {
                return dt;
            }
            else
            {
                return new DataTable();
            }
        }
    }
}
